Solved: Re: CentOS 8.1 vs DP 10.40 - Micro Focus Community

kofop · ‎2020-04-21

I try to use DP 10.40 disk client on CentOS 8.1. The manual installation is finished without any problem, the import client geting the following error:

cell manager side debug.log:

2020-04-09 17:24:01.746  CRS-THREAD.20578.1702864640 ["/cs/mcrs/daemon.c $Rev$ $Date::                      $:":4515] A.10.40 b118
DbgStack: DbgFcnOut() function does not match function on stack!
    ExitFcn="ProcessRequest", StackFcn="SSCconfig_configurePeer_with_fprint"

cmd:crs
Function trace (currentLevel=1):
        Level  1: SSCconfig_configurePeer_with_fprint(handle:1, host:teraintra.domain.hu)
        Level  0: ProcessRequest(ctx:2, peer:**PERSONAL INFORMATION REMOVED**)

"ProcessRequest" found on stack, adjusted level to 0 (one or more DbgFcnOut() calls missing)

client side debug.log:

2020-04-09 17:24:01.957  INET.3301.0 ["/lib/ipc/ipc.c $Rev$ $Date::                      $:":6747] A.10.40 b118
[ipc_receiveDataExBase] invalid IPC packet header (369295616) => fail with ERROR
[ipc_receiveDataExBase] from connectionIP:[10.166.6.3], peerHost:[], peerProg:, pid:0
Dump of the first 4 bytes
[DbgDumpMem] 4/4 bytes 
	16 03 01 00                                                               ....
cmd:inet
Function trace (currentLevel=3):
	Level  3: ipc_receiveDataExBase(handle=1, buffer size=0, timeout=10)
	Level  2: ipc_peekDataEx(handle=1, buffer size=0, timeout=10)
	Level  1: Sec_NegotiateAccept(handle:1)
	Level  0: SecIpcAcceptConnection()

any idea?

kofop · ‎2020-04-21

We found the solution:

we must install libnsl package:

/opt/omni/bin/omnicc -secure_comm -regenerate_cert bekes0m2-cm.domain.hu
/opt/omni/bin/perl: error while loading shared libraries: libnsl.so.1: cannot open shared object file: No such file or directory
Certificate regeneration failed.

# yum search nsl
# yum install libnsl

# /opt/omni/bin/omnicc -secure_comm -configure_peer bekes0m2-cm.domain.hu
 - Please use the fingerprint to validate the certificate manually!
Certificate information:
 - Hostname:bekes0m2-cm.domain.hu
 - Valid: from Oct 29 20:24:02 2018 GMT until Oct 26 20:24:02 2028 GMT
 - Fingerprint: 3a:65:c8:39:18:c4:c4:bd:0b:ac:fe:89:8c:1d:22:73:86:40:3d:ca:5b:64:40:59:5b:bf:90:16:bb:e0:a7:67
Do you want to continue (y/n)?y
Host 'bekes0m2-cm.domain.hu' configured for secure configuration successfully.

View solution in original post

Sebastian.Koehler · ‎2020-04-21

Hello @kofop,

Please share the actual error (screenshot or command output) you're seeing. The debug.log is is not helpful without it. Have you installed xinetd on the CentOS client? systemd support is coming with DP 10.70 soon. Have you been able to configure Secure Communication with omnicc -secure_comm -configure_peer in both directions? Is the firewall open/stopped on the CentOS system?

Regards,
Sebastian Koehler

---
Please use the Like button below, if you find this post useful.

kofop · ‎2020-04-21

Hi,

The firewalls are stoped.

Xinetd installed (see the logs the hosts are starting communication), 5565 port is open:

bekes0m2-cm:/var/opt/omni/log # /opt/omni/bin/omnicc -secure_comm -configure_peer 10.166.6.44
Secure communication protocol negotiation error when trying to establish a connection.
Check the validity of certificates and their configuration.

bekes0m2-cm:/var/opt/omni/log # telnet 10.166.6.44 5565
Trying 10.166.6.44...
Connected to 10.166.6.44.
Escape character is '^]'.
bekes0m2-cm:/var/opt/omni/log # /opt/omni/bin/omnicc -import_host 10.166.6.44
[12:1625] Import host failed.
bufbekes0m2-cm:/var/opt/omni/log #

...just a "buf" 😞

Other clients (with suse and windows) are working with this cell.

Sebastian.Koehler · ‎2020-04-21

Hello @kofop,

Never use /opt/omni/bin/omnicc -secure_comm depends on host names, never use it with IPs. What does /opt/omni/bin/omnicc -secure_comm -get_fingerprint return on the CentOS 8.1 client? If it is empty then check hostname and dnsdomainname output. Fix DNS and/or /etc/hosts and let me know.

Regards,
Sebastian Koehler

---
Please use the Like button below, if you find this post useful.

kofop · ‎2020-04-21

Hi,

We always try dns names too, just I sent the IP version for this forum (masking the real names)

[root@teraintra ~]# /opt/omni/bin/omnicc -secure_comm -configure_peer bekes0m2-cm.domain.hu
Error getting certificate from the peer 'bekes0m2-cm.domain.hu'.

Failed to get peer certificate.
[root@teraintra ~]# /opt/omni/bin/omnicc -secure_comm -get_fingerprint
Couldn't find certificate file.

kofop · ‎2020-04-21

We found the solution:

we must install libnsl package:

/opt/omni/bin/omnicc -secure_comm -regenerate_cert bekes0m2-cm.domain.hu
/opt/omni/bin/perl: error while loading shared libraries: libnsl.so.1: cannot open shared object file: No such file or directory
Certificate regeneration failed.

# yum search nsl
# yum install libnsl

# /opt/omni/bin/omnicc -secure_comm -configure_peer bekes0m2-cm.domain.hu
 - Please use the fingerprint to validate the certificate manually!
Certificate information:
 - Hostname:bekes0m2-cm.domain.hu
 - Valid: from Oct 29 20:24:02 2018 GMT until Oct 26 20:24:02 2028 GMT
 - Fingerprint: 3a:65:c8:39:18:c4:c4:bd:0b:ac:fe:89:8c:1d:22:73:86:40:3d:ca:5b:64:40:59:5b:bf:90:16:bb:e0:a7:67
Do you want to continue (y/n)?y
Host 'bekes0m2-cm.domain.hu' configured for secure configuration successfully.

View solution in original post

Juliano_Flores · ‎2020-10-29

Hello @kofop !

It really works and it helped me a lot!

Thank you very much!

Best Regards,

Juliano Flores